﻿<?
@session_start();
require_once("conn.php");

	$cmd = $_REQUEST["cmd"];
	switch($cmd){
		case "frmAddCategory"		:	frmAddCategory();
										break;
		case "addCategory"			:	addCategory();
										break;
		case "frmEditCategory"		:	frmEditCategory();
										break;
		case "editCategory"			:	editCategory();
										break;
		case "frmAddProduct"		:	frmAddProduct();
										break;
		case "addProduct"			:	addProduct();
										break;
		case "frmEditProduct"		:	frmEditProduct();
										break;
		case "editProduct"			:	editProduct();
										break;
		case "frmAddUnit"			:	frmAddUnit();
										break;
		case "addUnit"				:	addUnit();
										break;
		case "frmEditUnit"			:	frmEditUnit();
										break;
		case "editUnit"				:	editUnit();
										break;
		case "addCart"				:	addCart();
										break;
		case "getUnitcall"			:	getUnitcall();
										break;
		case "loadProductTable"		:	loadProductTable();
										break;
		case "frmNewLogoshop"		:	frmNewLogoshop();
										break;
		case "addNewLogoshop"		:	addNewLogoshop();
										break;
		case "frmeditLogo"			:	frmeditLogo();
										break;
		case "frmBuyStock"			:	frmBuyStock();
										break;	
		case "addBuyStock"			:	addBuyStock();
										break;
		case "editLogoProduct"		:	editLogoProduct();
										break;
		case "delStock"				:	delStock();
										break;	
		case "getPName"				:	getPName();
										break;								
		case "getAccess"			:	getAccess();
										break;
		case "updateAccess"			:	updateAccess();
										break;
		case "updateOrCat"			:	updateOrCat();
										break;
		case "addSendOffice"		:	addSendOffice();
										break;
		case "updateSendItem"		:	updateSendItem();
										break;
		case "addSendIsland"		:	addSendIsland();
										break;
		case "acceptOrder"			:	acceptOrder();
										break;
		case "confirmSended"		:	confirmSended();
										break;
		case "searchProduct"		:	searchProduct();
										break;

		case "viewAcceptDetail"		:	viewAcceptDetail();
										break;

		default						:	echo "Command Error ".$cmd;
										break;
	}

function frmAddCategory(){
?>
	<table>
		<tr>
			<td>Category Name : </td>
			<td><input type="text" id="cat_name"></td>
		</tr>
		<tr>
			<td colspan="2"><input type="button" id="btnAddCategory" onclick="addCategory()" value="Add"></td>
		</tr>
	</table>
<?
}

function addCategory(){
	$cat_name = $_POST["cat_name"];
	$sql = "INSERT INTO pch_category(category_name) VALUES('".$cat_name."');";
	mysql_query($sql) or die(mysql_error());
	echo "Success";
}

function frmEditCategory(){
	$id = $_POST["id"];

	$sql = "SELECT * FROM pch_category WHERE id='$id'";
	$query = mysql_query($sql);
	$row = mysql_fetch_assoc($query);
	?>
	<table>
		<tr>
			<td>Category Name : </td>
			<td><input type="text" id="cat_name" value="<?=$row["category_name"]?>"></td>
		</tr>
		<tr>
			<td colspan="2"><input type="button" onclick="loadCatManage();" value="Back"><input type="button" onclick="editCategory('<?=$row["id"]?>')" value="Edit"></td>
		</tr>
	</table>
<?
}

function editCategory(){
	$id = $_POST["id"];
	$name = $_POST["name"];

	$sql = "UPDATE pch_category SET category_name='".$name."' WHERE id='".$id."';";
	mysql_query($sql) or die(mysql_error());
	echo "Success";
}

function frmAddProduct(){
?>	
 	<table>
		<tr>
			<td>Barcode : </td>
			<td><input type="text" id="barcode"></td>
		</tr>
		<tr>
			<td>ชื่อสินค้า : </td>
			<td><input type="text" id="pro_name_th"></td>
		</tr>
		<tr>
			<td>Product Name : </td>
			<td><input type="text" id="pro_name_mm"></td>
		</tr>
		<tr>
			<td>Category : </td>
			<td>
				<select id="pro_cat">
					<option value="">&nbsp;</option>
					<?
						$sql = "SELECT * FROM pch_category";
						$query = mysql_query($sql);
						while($row = mysql_fetch_array($query)){
						?>
							<option value="<?=$row["id"]?>"><?=$row["category_name"]?></option>
						<?
						}
					?>
				</select>
			</td>
			<tr>
				<td>Image</td>
				<td>
					<input type="hidden" id="pro_pic_edit" value="1">
					<input type="hidden" id="pro_pic">
					<iframe id="uploadtarget" name="uploadtarget" src="" style="width:0px;height:0px;border:0"></iframe>
					<span id="upmsg"></span>
					<span id="frm_pro_pic">
						<form id="frmUpload" action="upload.php" method="post" enctype="multipart/form-data" onsubmit="return clickupload();" target="uploadtarget">
							<input id="fileupload" name="fileupload" type="file">&nbsp;
							<input id="btnUpload" type="submit" value="Upload เลยเด่ะ">
						</form>
					</span>
				</td>
			</tr>
		</tr>
		<tr>
			<td colspan="2"><input type="button" id="btnAddProduct" onclick="addProduct()" value="Add"></td>
		</tr>
	</table>
<?
}

function addProduct(){
	$barcode = $_REQUEST["barcode"];
	$nameth = $_REQUEST["nameth"];
	$namemm = $_REQUEST["namemm"];
	$cat = $_REQUEST["cat"];
	$image = $_REQUEST["image"];

	if($image != ""){
		$tmp = explode("/",$image);
		$images = $tmp[1];
		if (@copy($image,"usr/product/".$images)) {
			@unlink($image);
		}
	}else{
		$images = "";
	}

	$sql = "INSERT INTO pch_product(barcode,product_name,category_id,image) VALUES('".$barcode."','".$nameth."',".$cat.",'".$images."');";
//echo $sql;
	mysql_query($sql) or die(mysql_error());
	$lastid = mysql_insert_id();
	$sql = "INSERT INTO pch_product_language(product_id,th,mm) VALUES('".$lastid."','".$nameth."','".$namemm."');";
//echo $sql;
	mysql_query($sql) or die(mysql_error());

	echo "Success";

}

function frmEditProduct(){
	$id = $_POST["id"];
	$sql = "SELECT * FROM pch_product WHERE id='$id'";
	$query = mysql_query($sql);
	$row = mysql_fetch_assoc($query);
?>
	<table>
		<tr>
			<td>Barcode : </td>
			<td><input type="text" id="barcode" value="<?=$row["barcode"]?>"></td>
		</tr>
		<?
			$ssql = "SELECT * FROM pch_product_language WHERE product_id='".$row["id"]."';";
			$squery = mysql_query($ssql);
			$srow = mysql_fetch_assoc($squery);
		?>
		<tr>
			<td>ชื่อสินค้า : </td>
			<td><input type="text" id="pro_name_th" value="<?=$srow["th"]?>"></td>
		</tr>
		<tr>
			<td>Product Name : </td>
			<td><input type="text" id="pro_name_mm" value="<?=$srow["mm"]?>"></td>
		</tr>
		<tr>
			<td>Category : </td>
			<td>
				<select id="pro_cat">
					<option value="">&nbsp;</option>
					<?
						$sqls = "SELECT * FROM pch_category ORDER BY category_name";
						$querys = mysql_query($sqls);
						while($rows = mysql_fetch_array($querys)){
							if($row["category_id"] == $rows["id"]){
								$selected = "selected";
							}else{
								$selected = "";
							}
						?>
							<option value="<?=$rows["id"]?>" <?=$selected?>><?=$rows["category_name"]?></option>
						<?
						}
					?>
				</select>
			</td>
			<tr>
				<td>Unit Type : </td>
				<td>
					<?
						$xsql = "SELECT * FROM pch_product_call WHERE id_product='".$row["id"]."'";
						//echo
						$xqry = mysql_query($xsql);
						$xrow = mysql_fetch_assoc($xqry);
					?>
					<select id="pro_unit">
						<option value="">&nbsp;</option>
						<?
							$sqls = "SELECT * FROM pch_unit ORDER BY unit_name;";
							$querys = mysql_query($sqls);
							while($rows = mysql_fetch_array($querys)){
								if($xrow["id_unit"] == $rows["id"]){
									$selected = "selected";
								}else{
									$selected = "";
								}
							?>
								<option value="<?=$rows["id"]?>" <?=$selected?>><?=$rows["unit_name"]?></option>
							<?
							}
						?>
					</select>
				</td>
			</tr>
			<tr>
				<td>สถานที่เก็บ : </td>
				<td>
					<?
						$xsql = "SELECT * FROM pch_product_target WHERE product_id='".$row["id"]."'";
						//echo
						$xqry = mysql_query($xsql);
						$xrow = mysql_fetch_assoc($xqry);
					?>
					<select id="pro_target">
						<option value="">&nbsp;</option>
						<?
							$sqls = "SELECT * FROM pch_target;";
							$querys = mysql_query($sqls);
							while($rows = mysql_fetch_array($querys)){
								if($xrow["target_id"] == $rows["id"]){
									$selected = "selected";
								}else{
									$selected = "";
								}
							?>
								<option value="<?=$rows["id"]?>" <?=$selected?>><?=$rows["targetname"]?></option>
							<?
							}
						?>
					</select>
				</td>
			</tr>
			<tr>
				<td>Image</td>
				<td>
					<input type="hidden" id="pro_pic_edit" value="1">
					<input type="hidden" id="pro_pic" value="<?=$row["image"]?>">
					<iframe id="uploadtarget" name="uploadtarget" src="" style="width:0px;height:0px;border:0"></iframe>
					<span id="upmsg"></span>
					<span id="frm_pro_pic">
						<form id="frmUpload" action="upload.php" method="post" enctype="multipart/form-data" onsubmit="return clickupload();" target="uploadtarget">
							<input id="fileupload" name="fileupload" type="file">&nbsp;
							<input id="btnUpload" type="submit" value="เสร็จแล้วกด Upload เลยคร๊าบ">
						</form>
					</span>
				</td>
			</tr>
		</tr>
		<tr><td colspan="2">&nbsp;</td></tr>
		<tr>
			<td colspan="2"><span style="float:left;"><input type="button" onclick="closeEditProduct();" value="Back" style="width:100px;"></span><span style="float:right;"><input type="button" id="btnEditProduct" onclick="editProduct('<?=$row["id"]?>')" value="Edit" style="width:100px;"></span></td>
		</tr>
	</table>
<?
}

function editProduct(){
	$id = $_POST["id"];
	$barcode = $_POST["barcode"];
	$nameth = $_POST["nameth"];
	$namemm = $_POST["namemm"];
	$cat = $_POST["cat"];
	$image = $_POST["image"];
	$pic_edit = $_POST["pic_edit"];
	$unit = $_POST["unit"];
	$target = $_REQUEST["target"];
	
	if($pic_edit == "1"){
		$images = $image;
	}else{
		if($image != ""){
			$tmp = explode("/",$image);
			//$xx = count($tmp) -1;
			$images = $tmp[1];
echo $images;
			//$images = str_replace("usr/product/","",$image);
			if (@copy($image,"usr/product/tmp/".$images)) {
				@unlink($image);
			}
		}else{
			$images = "";
		}
	}

	$sql = "UPDATE pch_product SET barcode='".$barcode."',category_id=".$cat.",image='".$images."' WHERE id='".$id."';";
	mysql_query($sql) or die(mysql_error());
	
	$sql = "UPDATE pch_product_language SET th='".$nameth."',mm='".$namemm."' WHERE product_id='".$id."';";
	mysql_query($sql) or die(mysql_error());

	if($target != ""){
		$sql = "SELECT * FROM pch_product_target WHERE product_id='".$id."';";
		$query = mysql_query($sql);
		if(mysql_num_rows($query) > 0){
			$sql = "UPDATE pch_product_target SET target_id='".$target."' WHERE product_id='".$id."';";
			//echo "a>".$sql;
			mysql_query($sql) or die(mysql_error());
		}else{
			$sql = "INSERT INTO pch_product_target(product_id,target_id) VALUES('".$id."','".$target."');";
			//echo "b>".$sql;
			mysql_query($sql) or die(mysql_error());
		}
	}
	
	if($unit != ""){
		$sql = "REPLACE INTO pch_product_call (id_product,id_unit) VALUES ('".$id."','".$unit."');";
		mysql_query($sql) or die(mysql_error());
	}

	echo "Success";
}

function frmAddUnit(){
?>
	<table>
		<tr>
			<td>Unit Name : </td>
			<td><input type="text" id="unit_name"></td>
		</tr>
		<tr>
			<td colspan="2"><input type="button" id="btnAddUnit" onclick="addUnit()" value="Add"></td>
		</tr>
	</table>
<?
}

function addUnit(){
	$unit_name = $_POST["unit_name"];
	$sql = "INSERT INTO pch_unit(unit_name) VALUES('".$unit_name."');";
	mysql_query($sql) or die(mysql_error());
	echo "Success";
}

function frmEditUnit(){
	$id = $_POST["id"];

	$sql = "SELECT * FROM pch_unit WHERE id='$id'";
	$query = mysql_query($sql);
	$row = mysql_fetch_assoc($query);
	?>
	<table>
		<tr>
			<td>Unit Name : </td>
			<td><input type="text" id="unit_name" value="<?=$row["unit_name"]?>"></td>
		</tr>
		<tr>
			<td colspan="2"><input type="button" onclick="loadUnitManage();" value="Back"><input type="button" onclick="editUnit('<?=$row["id"]?>')" value="Edit"></td>
		</tr>
	</table>
<?
}

function editUnit(){
	$id = $_POST["id"];
	$name = $_POST["name"];

	$sql = "UPDATE pch_unit SET unit_name='".$name."' WHERE id='".$id."';";
	mysql_query($sql) or die(mysql_error());
	echo "Success";
}

function addCart(){
	$item = $_POST["item"];
	$amount = $_POST["amount"];
	$unit = $_POST["unit"];

	//print_r($item);
	//print_r($amount);
	//print_r($unit);

	$last = 0;

	$sql = "INSERT INTO pch_order(order_type,order_date,order_by) VALUES(1,now(),'".$_SESSION["usernames"]."');";
	$query = mysql_query($sql) or die(mysql_error());
	$last = mysql_insert_id();
	//echo $sql;
	for($i=0;$i<count($item);$i++){
		if($i == 0){
			$values .= "";
		}else{
			$values .= ",";
		}
		$values .= "(".$last.",".$item[$i].",'".$amount[$i]."','".$unit[$i]."',0,now())";
	}

	$sql = "INSERT INTO pch_order_detail(order_id,product_id,amount,unit,status,last_update) VALUES".$values.";";
	mysql_query($sql) or die(mysql_error());
	echo "orderid:".$last;
}

function getUnitcall(){
	$id = $_POST["id"];

	$sql = "SELECT id_unit,unit_name FROM pch_product_call JOIN pch_unit ON id_unit=id WHERE id_product='$id'";
	$query = mysql_query($sql);
	$row = mysql_fetch_assoc($query);
	echo $row["id_unit"].":".$row["unit_name"];

}

function loadProductTable(){
	$id = $_POST["id"];
	$sql = "SELECT a.id AS ids,category_name,barcode,th,mm,image,unit_name,targetname,targetmm FROM (pch_product AS a right join pch_product_language on a.id = product_id) Inner Join pch_category AS b ON a.category_id = b.id Left Join pch_product_call AS c ON a.id = c.id_product Left Join pch_unit AS d ON c.id_unit = d.id left join pch_product_target as e on a.id=e.product_id left join pch_target as f on e.target_id=f.id WHERE a.id='".$id."';";
	$query = mysql_query($sql);
	$row = mysql_fetch_assoc($query);
	?>
	<table width="100%">
		<tr>
			<td style="width:120px;height:100px;" align="center"><?if($row["image"] != ""){ echo '<a href="'.$row["image"].'" target="_blank"><img src="'.$row["image"].'" width="100" style="border:0px;"></a>';}else{ echo "&nbsp;";}?></td>
			<td>
				<div>Barcode : <?=$row["barcode"]?></div>
				<div>ชื่อสินค้า : <?=$row["th"]?></div>
				<div>Product Name : <?=$row["mm"]?></div>
				<div>Category : <?=$row["category_name"]?></div>
				<div>Unit : <?=$row["unit_name"]?></div>
				<div>สถานที่เก็บ : <?=$row["targetname"]?></div>
				<div>
					<?
						if(checkAccess("4")){
					?>
						<a href="#" onclick="return frmEditProduct('<?=$row["ids"]?>');">Edit</a>
					<?
						}
					?>
				</div>
			</td>
		</tr>				
	</table>
	<?
}


function frmNewLogoshop(){
?>
	<table>
		<tr>
			<td>Barcode : </td>
			<td><input type="text" id="log_code" OnKeyPress="return chkNumber(this)"></td>
		</tr>
		<tr>
			<td>Category : </td>
			<td><select id="log_cat">
				<?
					$sql = "SELECT * FROM category;";
					$query = mysql_query($sql);
					while($row = mysql_fetch_array($query)){
					?>
						<option value="<?=$row["Cat_ID"]?>"><?=$row["Category_Name"]?></option>
					<?
					}
				?>
				</select>
			</td>
		</tr>
		<tr>
			<td>Product Name : </td>
			<td><input type="text" id="log_name"></td>
		</tr>
		<tr>
			<td>Price : </td>
			<td><input type="text" id="log_price" OnKeyPress="return chkNumber(this)"></td>
		</tr>
		<tr>
			<td colspan="2"><input type="button" id="btnnewLogoProduct" onclick="newLogoProduct()" value="Add"></td>
		</tr>
	</table>
<?
}

function addNewLogoshop(){
	$code = $_POST["code"];
	$cat = $_POST["cat"];
	$name = $_POST["name"];
	$price = $_POST["price"];

	$sql = "INSERT INTO stock(Barcode,Category,Product_Name,Qty,Price,Point_Order) VALUES('".$code."',".$cat.",'".$name."',0,".$price.",3);";
	mysql_query($sql) or die(mysql_error());
	echo "Success";
}

function frmeditLogo(){
	$barcode = $_REQUEST["barcode"];
	$sql = "SELECT * FROM stock WHERE Barcode='".$barcode."'";
	$qry = mysql_query($sql);
	$rw = mysql_fetch_assoc($qry);
?>
	<table>
		<tr>
			<td>Barcode : </td>
			<td><input type="hidden" id="old_code" value="<?=$rw["Barcode"]?>"><input type="text" id="st_code" value="<?=$rw["Barcode"]?>" OnKeyPress="return chkNumber(this)"></td>
		</tr>
		<tr>
			<td>Category : </td>
			<td><select id="st_cat">
				<?
					$sql = "SELECT * FROM category;";
					$query = mysql_query($sql);
					while($row = mysql_fetch_array($query)){
						if($rw["Category"] == $row["Cat_ID"]){
							$selec = "selected";
						}else{
							$selec = "";
						}
					?>
						<option value="<?=$row["Cat_ID"]?>" <?=$selec?>><?=$row["Category_Name"]?></option>
					<?
					}
				?>
				</select>
			</td>
		</tr>
		<tr>
			<td>Product Name : </td>
			<td><input type="text" id="st_name" value="<?=$rw["Product_Name"]?>"></td>
		</tr>
		<tr>
			<td>Price : </td>
			<td><input type="text" id="st_price" value="<?=$rw["Price"]?>" OnKeyPress="return chkNumber(this)"></td>
		</tr>
		<tr>
			<td colspan="2"><input type="button" id="btneditLogoProduct" onclick="editLogoProduct()" value="Save"></td>
		</tr>
	</table>
<?
}

function frmBuyStock(){
?>
	<script type="text/javascript">
		function findValue(li) {
		if( li == null ) return alert("No match!");

		// if coming from an AJAX call, let's use the CityId as the value
		if( !!li.extra ) var sValue = li.extra[0];

		// otherwise, let's just display the value in the text box
		else var sValue = li.selectValue;

		//alert("The value you selected was: " + sValue);
		}

		function selectItem(li) {
			findValue(li);
		}

		function formatItem(row) {
			return row[0] + " | " + row[1];
		}

		$().ready(function() {
			$("#buyBarcode").autocomplete(
			  "autocomplete.php",
			  {
					delay:10,
					minChars:2,
					matchSubset:1,
					matchContains:1,
					cacheLength:10,
					onItemSelect:selectItem,
					onFindValue:findValue,
					formatItem:formatItem,
					autoFill:true
				}
			);
			$("#buyBarcode").focus();
		});
	  
	</script>
	<input type="hidden" id="st_code">
	<input type="hidden" id="st_index" value="1">
	<table>
		<tr>
			<td>Barcode : </td>
			<td><input type="text" style="width: 200px;" value="" id="buyBarcode" class="ac_input"/></td>
			<td>&nbsp;</td>
			<td>Amount : </td>
			<td><input type="text" id="buyAmount"></td>
			<td><input type="button" onclick="addBuyStock()" value="Add"></td>
		</tr>
		<tr>
			<td colspan="6"><input type="button" id="btnStCheckOut" onclick="st_CheckOut()" value="Check Out" disabled></td>
		</tr>
	</table>
	<table id="tblStock" width="430" border="1" style="display:none;">
		<tr>
			<td colspan="4">รายการเพิ่มของลง Logo Shop วันที่  <?=date("d/m/Y");?></td>
		</tr>
		<tr>
			<td width="200">Barcode</td>
			<td width="80" align="center">Amount</td>
			<td width="50">&nbsp;</td>
		</tr>
	</table>
<?
}

function addBuyStock(){
	$item = $_POST["item"];
	$amount = $_POST["amount"];
	
	for($i=0;$i<count($item);$i++){
		if($i == 0){
			$values .= "";
		}else{
			$values .= ",";
		}
		$values .= "('".$item[$i]."','".$amount[$i]."',now(),'".$_SESSION["usernames"]."')";
	}

	$sql = "INSERT INTO buy(Barcode,Qty,Buy_Date,Buy_by) VALUES".$values.";";
	mysql_query($sql) or die(mysql_error());

	for($i=0;$i<count($item);$i++){
		$sql = "UPDATE stock SET Qty = Qty + ".$amount[$i]." WHERE Barcode='".$item[$i]."'";
		mysql_query($sql) or die(mysql_error());		
	}

	echo "orderid:1";
}

function editLogoProduct(){
	$oldCode = $_POST["oldCode"];
	$barcode = $_POST["barcode"];
	$st_cat = $_POST["st_cat"];
	$st_name = $_POST["st_name"];
	$st_price = $_POST["st_price"];

	$sql = "UPDATE stock SET Barcode='".$barcode."',Category=".$st_cat.",Product_Name='".$st_name."',Price=".$st_price." WHERE Barcode='".$oldCode."'";
	mysql_query($sql) or die(mysql_error());
	echo "Success";
}

function delStock(){
	$id = $_POST["id"];

	$sql = "SELECT * FROM stock WHERE Barcode='".$id."';";
	$qry = mysql_query($sql);
	$row = mysql_fetch_assoc($qry);

	$sql = "INSERT INTO del_log(Barcode,Category,Product_Name,Price,Del_By,Del_Date) VALUES('".$row["Barcode"]."',".$row["Category"].",'".$row["Product_Name"]."',".$row["Price"].",'".$_SESSION["usernames"]."',now());";
	mysql_query($sql);

	$sql = "DELETE FROM stock WHERE Barcode='".$id."';";
	mysql_query($sql) or die(mysql_error());
	echo "Success";
}

function getPName(){
	$id = $_POST["id"];

	$sql = "SELECT Product_Name FROM stock WHERE Barcode='".$id."';";
	//echo $sql;
	$qry = mysql_query($sql);
	$row = mysql_fetch_assoc($qry);
	echo $row["Product_Name"];
}

function getAccess(){
	$id = $_REQUEST["id"];
	$sql = "SELECT * FROM pch_access WHERE user_id='".$id."';";
	$query = mysql_query($sql);
	$row = mysql_fetch_assoc($query);
	$data = $row["access"];
?>
	<table width="500">
		<tr>
			<td>&nbsp;</td>
			<td>
				<table>
					<tr>
						<td width="50">Read</td>
						<td width="50">Edit</td>
						<td width="50">Delete</td>
					</tr>
				</table>
			</td>
		</tr>
		<tr>
			<td>สั่งของ</td>
			<td>
				<table>
					<tr>
						<td width="50"><input type="checkbox" id="a_read" <?=(substr($data,0,1)=="1")?"checked":""?>></td>
						<td width="50">&nbsp;</td>
						<td width="50">&nbsp;</td>
					</tr>
				</table>
			</td>
		</tr>
		<tr>
			<td>รับของ</td>
			<td>
				<table>
					<tr>
						<td width="50"><input type="checkbox" id="b_read" <?=(substr($data,1,1)=="1")?"checked":""?>></td>
						<td width="50">&nbsp;</td>
						<td width="50">&nbsp;</td>
					</tr>
				</table>
			</td>
		</tr>
		<tr>
			<td>ส่งของกลับฝั่ง</td>
			<td>
				<table>
					<tr>
						<td width="50"><input type="checkbox" id="c_read" <?=(substr($data,2,1)=="1")?"checked":""?>></td>
						<td width="50">&nbsp;</td>
						<td width="50">&nbsp;</td>
					</tr>
				</table>
			</td>
		</tr>
		<tr>
			<td>จัดการสินค้า</td>
			<td>
				<table>
					<tr>
						<td width="50"><input type="checkbox" id="d_read" <?=(substr($data,3,1)=="1")?"checked":""?>></td>
						<td width="50"><input type="checkbox" id="e_edit" <?=(substr($data,4,1)=="1")?"checked":""?>></td>
						<td width="50"><input type="checkbox" id="f_delete" <?=(substr($data,5,1)=="1")?"checked":""?>></td>
					</tr>
				</table>
			</td>
		</tr>
		<tr>
			<td>ส่งของไปเกาะ</td>
			<td>
				<table>
					<tr>
						<td width="50"><input type="checkbox" id="g_read" <?=(substr($data,6,1)=="1")?"checked":""?>></td>
						<td width="50">&nbsp;</td>
						<td width="50">&nbsp;</td>
					</tr>
				</table>
			</td>
		</tr>
		<tr>
			<td>รายการค้างส่ง</td>
			<td>
				<table>
					<tr>
						<td width="50"><input type="checkbox" id="h_read" <?=(substr($data,7,1)=="1")?"checked":""?>></td>
						<td width="50">&nbsp;</td>
						<td width="50">&nbsp;</td>
					</tr>
				</table>
			</td>
		</tr>
		<tr>
			<td>รายการส่งของจากเกาะ</td>
			<td>
				<table>
					<tr>
						<td width="50"><input type="checkbox" id="i_read" <?=(substr($data,8,1)=="1")?"checked":""?>></td>
						<td width="50">&nbsp;</td>
						<td width="50">&nbsp;</td>
					</tr>
				</table>
			</td>
		</tr>
		<tr>
			<td>รายการของส่งเกิน</td>
			<td>
				<table>
					<tr>
						<td width="50"><input type="checkbox" id="j_read" <?=(substr($data,9,1)=="1")?"checked":""?>></td>
						<td width="50">&nbsp;</td>
						<td width="50">&nbsp;</td>
					</tr>
				</table>
			</td>
		</tr>
		<tr>
			<td>ประวัติการสั่งของ</td>
			<td>
				<table>
					<tr>
						<td width="50"><input type="checkbox" id="k_read" <?=(substr($data,10,1)=="1")?"checked":""?>></td>
						<td width="50">&nbsp;</td>
						<td width="50">&nbsp;</td>
					</tr>
				</table>
			</td>
		</tr>
		<tr>
			<td>ประวัติการรับของ</td>
			<td>
				<table>
					<tr>
						<td width="50"><input type="checkbox" id="l_read" <?=(substr($data,11,1)=="1")?"checked":""?>></td>
						<td width="50">&nbsp;</td>
						<td width="50">&nbsp;</td>
					</tr>
				</table>
			</td>
		</tr>
		<tr>
			<td>Access List</td>
			<td>
				<table>
					<tr>
						<td width="50"><input type="checkbox" id="m_read" <?=(substr($data,12,1)=="1")?"checked":""?>></td>
						<td width="50">&nbsp;</td>
						<td width="50">&nbsp;</td>
					</tr>
				</table>
			</td>
		</tr>
	</table>
	<div><input type="button" value="Update" onclick="AUpdate()"></div>
<?
}

function updateAccess(){
	$id = $_REQUEST["id"];
	$data = $_REQUEST["data"];

	$sql = "SELECT * FROM pch_access WHERE user_id='".$id."';";
	$query = mysql_query($sql);
	if(mysql_num_rows($query) > 0){
		$sql = "UPDATE pch_access SET access='".$data."' WHERE user_id='".$id."';";
		mysql_query($sql) or die(mysql_error());
		echo "Success";
	}else{
		$sql = "INSERT INTO pch_access(access,user_id) VALUES('".$data."','".$id."');";
		mysql_query($sql) or die(mysql_error());
		echo "Success";
	}
}

function updateOrCat(){
	$catid = $_REQUEST["catid"];
?>
	<span>Product : </span>
	<select id="or_item" onchange="updateOrName()">
		<option value="">&nbsp;</option>
		<?
			$sqlP = "SELECT * FROM pch_product_language join pch_product as a on a.id=product_id WHERE category_id='".$catid."' ORDER BY barcode;";
			$queryP = mysql_query($sqlP);
			while($rowP = mysql_fetch_array($queryP)){
		?>
			<option value="<?=$rowP["product_id"]?>"><?=$rowP["barcode"]?> | <?=$rowP["th"]?> | <?=$rowP["mm"]?></option>
		<?
			}
		?>
	</select>
<?
}

function updateSendItem(){
	$id = $_REQUEST["id"];
?>
	<select id="send_item" onchange="updateSendOName()">
		<option value="">&nbsp;</option>
		<?
			$sql = "SELECT * FROM product WHERE catid='".$id."';";
			$query = mysql_query($sql);
			while($row = mysql_fetch_array($query)){
			?>
				<option value="<?=$row["id"]?>"><?=$row["barcode"]." | ".$row["th"]." | ".$row["mm"]?></option>
			<?
			}
		?>
	</select>	
<?
}

function addSendOffice(){


	$item = $_POST["item"];
	$amount = $_POST["amount"];
	$unit = $_POST["unit"];
	$desc = $_POST["desc"];

	$last = 0;

	$sql = "INSERT INTO pch_sendoffice(sendby,sendDate) VALUES('".$_SESSION["usernames"]."',now());";
	$query = mysql_query($sql) or die(mysql_error());
	$last = mysql_insert_id();
	//echo $sql;
	for($i=0;$i<count($item);$i++){
		if($i == 0){
			$values .= "";
		}else{
			$values .= ",";
		}
		$values .= "(".$last.",'".$item[$i]."',".$amount[$i].",'".$unit[$i]."','".$desc[$i]."','".$_SESSION["usernames"]."',now())";
	}

	$sql = "INSERT INTO pch_sendoffice_detail(send_id,item,amount,unit,description,send_by,sendtime) VALUES".$values.";";
	mysql_query($sql) or die(mysql_error());
	//$last = mysql_insert_id();
	echo "ok:".$last;

}

function addSendIsland(){
	$item = $_POST["item"];
	$amount = $_POST["amount"];
	$unit = $_POST["unit"];
	$desc = $_POST["desc"];

	$last = 0;

	$sql = "INSERT INTO pch_sendisland(sendby,sendDate,state) VALUES('".$_SESSION["usernames"]."',now(),'0');";
	echo $sql;
	$query = mysql_query($sql) or die(mysql_error());
	$last = mysql_insert_id();
	//echo $sql;
	for($i=0;$i<count($item);$i++){
		if($i == 0){
			$values .= "";
		}else{
			$values .= ",";
		}
		$values .= "(".$last.",'".$item[$i]."',".$amount[$i].",'".$unit[$i]."','".$_SESSION["usernames"]."',now())";
	}

	$sql = "INSERT INTO pch_sendisland_detail(send_id,item,amount,unit,send_by,sendtime) VALUES".$values.";";
	echo $sql;
	mysql_query($sql) or die(mysql_error());
	//$last = mysql_insert_id();
	echo "ok:".$last;
}

function acceptOrder(){
	$sendid = $_REQUEST["sendid"];
	$data = $_REQUEST["data"];
	$unknow_data = $_REQUEST["unknow_data"];
	$error = "";

	if($data != ""){
		$sql = "SELECT * FROM pch_accept_order WHERE send_id='".$sendid."';";
		$query = mysql_query($sql);
		if(mysql_num_rows($query) > 0){

		}else{

			$tmp = explode(";",$data);

			if(count($tmp) > 0){
				$sql = "INSERT INTO pch_accept_order(send_id,checkDate,checkby) VALUES(".$sendid.",now(),'".$_SESSION["usernames"]."');";
				$query = mysql_query($sql) or die(mysql_error());
				$accept_id = mysql_insert_id();
			
				for($i=0;$i<count($tmp);$i++){
					$adata = explode(":",$tmp[$i]);
					$send_detail_id = $adata[0];
					$pro_id = $adata[1];
					$send_amount = $adata[2];
					$real_amount = $adata[3];
					
					if($i == 0){
						$values .= "";
					}else{
						$values .= ",";
					}
					$values .= "(".$accept_id.",".$sendid.",".$send_detail_id.",'".$pro_id."',".$send_amount.",".$real_amount.",'".$_SESSION["usernames"]."',now(),'0')";
				}

				$sql = "INSERT INTO pch_accept_order_detail(accept_id,send_id,send_detail_id,item,sendamount,realamount,confirmby,confirmDate,state) VALUES".$values.";";
				//echo $sql;
				mysql_query($sql);
				if(mysql_error()){
					$error .= "A:".$sql.":".mysql_error();
				}
			}
		}
	}

	$values = "";
	
	if($unknow_data != ""){

		$unknow_id = 0;

		$sql = "INSERT INTO pch_unknow_receive(send_id,confirmDate,confirmby) VALUES(".$sendid.",now(),'".$_SESSION["usernames"]."');";
		$query = mysql_query($sql) or die(mysql_error());
		$unknow_id = mysql_insert_id();

		$tmp = explode(";",$unknow_data);
		for($i=0;$i<count($tmp);$i++){
			$adata = explode(":",$tmp[$i]);
			$barcode = $adata[0];
			$product = $adata[1];
			$amount = $adata[2];
			$unit = $adata[3];
			
			if($i == 0){
				$values .= "";
			}else{
				$values .= ",";
			}
			$values .= "(".$unknow_id.",".$sendid.",'".$barcode."','".$product."',".$amount.",'".$unit."','".$_SESSION["usernames"]."',now())";
		}

		$sql = "INSERT INTO pch_unknow_receive_detail(unknow_id,send_id,barcode,product,amount,unit,confirmby,confirmDate) VALUES".$values.";";
		//echo $sql;
		mysql_query($sql);
		if(mysql_error()){
			$error .= "B:".$sql.":".mysql_error();
		}
	}
	
	$sql = "UPDATE pch_sendisland SET state='1' WHERE id='".$sendid."'";
	//echo $sql;
	mysql_query($sql);
	if(mysql_error()){
		$error .= "C:".$sql.":".mysql_error();
	}

	if($error != ""){
		echo $error;
	}else{
		echo "Success";
	}
}

function confirmSended(){
	$id = $_REQUEST["id"];
	$sql = "UPDATE pch_accept_order_detail SET state='1' WHERE id='".$id."';";
	mysql_query($sql);
	if(mysql_error()){
		$error .= mysql_error();
	}

	if($error != ""){
		echo $error;
	}else{
		echo "ok:";
	}
}

function searchProduct(){
	$search = $_REQUEST["search"];
	?>
	<table border="1" width="100%" style="table-layout:fixed;">
		<tr>
								
	<?
		if($search != ""){
			$where = " WHERE barcode like '%".$search."%' OR th like '%".$search."%';";
		}else{
			$where = ";";
		}

		$sql = "SELECT a.id AS ids,category_name,barcode,th,mm,image,unit_name,targetname,targetmm FROM (pch_product AS a right join pch_product_language on a.id = product_id) Inner Join pch_category AS b ON a.category_id = b.id Left Join pch_product_call AS c ON a.id = c.id_product Left Join pch_unit AS d ON c.id_unit = d.id left join pch_product_target as e on a.id=e.product_id left join pch_target as f on e.target_id=f.id".$where;
		$query = mysql_query($sql);
		$i=0;
		while($row = mysql_fetch_array($query) or die(mysql_error())){
		?>
				<td width="50%" id="tbl_product_<?=$row["ids"]?>">
					<table width="100%">
						<tr>
							<td style="width:120px;height:100px;" align="center"><?if($row["image"] != ""){ echo '<a href="'.$row["image"].'" target="_blank"><img src="'.$row["image"].'" width="100" style="border:0px;"></a>';}else{ echo "&nbsp;";}?></td>
							<td>
								<div>Barcode : <?=$row["barcode"]?></div>
								<div>ชื่อสินค้า : <?=$row["th"]?></div>
								<div>Product Name : <?=$row["mm"]?></div>
								<div>Category : <?=$row["category_name"]?></div>
								<div>Unit : <?=$row["unit_name"]?></div>
								<div>สถานที่เก็บ : <?=$row["targetname"]?></div>
								<div>
									<?
										if(checkAccess("4")){
									?>
										<a href="#" onclick="return frmEditProduct('<?=$row["ids"]?>');">Edit</a>
									<?
										}
									?>
								</div>
							</td>
						</tr>				
					</table>
				</td>
		<?
			if($i%2){
				echo "</tr><tr>";
			}
			$i++;
		}
	?>
		</tr>
	</table>
	<?
}

function viewAcceptDetail(){
	$id = $_REQUEST["id"];

	$sql = "select th,mm,sendamount,realamount,confirmby,confirmDate from pch_accept_order_detail join product as b on item=b.id WHERE accept_id='".$id."';";
	$query = mysql_query($sql);
	if(mysql_num_rows($query) > 0){
		?>
		<div><a href="#" onclick="printNotAccept('<?=$id?>');">Print Preview</a></div><br>
		<table border="1" width="100%">
			<tr>
				<td>ชื่อสินค้า</td>
				<td>Product Name</td>
				<td>Send Amount</td>
				<td>Real Amount</td>
				<td>Confirm By</td>
				<td>Confirm Date</td>
			</tr>
		<?
		while($row = mysql_fetch_array($query)){
		?>
			<tr>
				<td><?=$row["th"]?></td>
				<td><?=$row["mm"]?></td>
				<td><?=$row["sendamount"]?></td>
				<td><?=$row["realamount"]?></td>
				<td><?=$row["confirmby"]?></td>
				<td><?=$row["confirmDate"]?></td>
			</tr>
		<?
		}
		?>
		</table>
		<?
	}else{
		echo "No Data";
	}
}
?>